diff --git a/windows/security/TOC.yml b/windows/security/TOC.yml
index c0d8371997..9228a4398d 100644
--- a/windows/security/TOC.yml
+++ b/windows/security/TOC.yml
@@ -9,7 +9,9 @@
     - name: Common Criteria Certifications
       href: threat-protection/windows-platform-common-criteria.md
     - name: Microsoft Security Development Lifecycle
-      href: /threat-protection/msft-security-dev-lifecycle.md
+      href: threat-protection/msft-security-dev-lifecycle.md
+    - name: Microsoft Bug Bounty Program
+      href: threat-protection/microsoft-bug-bounty-program.md
 - name: Hardware security
   items: 
     - name: Trusted Platform Module
diff --git a/windows/security/threat-protection/microsoft-bug-bounty-program.md b/windows/security/threat-protection/microsoft-bug-bounty-program.md
new file mode 100644
index 0000000000..7dcc6cdd7f
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-bug-bounty-program.md
@@ -0,0 +1,22 @@
+---
+title: About the Microsoft Bug Bounty Program
+description: If you are a security researcher, you can get a reward for reporting a vulnerability in a Microsoft product, service, or device.
+ms.prod: m365-security
+audience: ITPro
+author: dansimp
+ms.author: dansimp
+manager: dansimp
+ms.collection: M365-identity-device-management
+ms.topic: article
+ms.localizationpriority: medium
+ms.reviewer: 
+ms.technology: other
+---
+
+# About the Microsoft Bug Bounty Program
+
+Are you a security researcher? Did you find a vulnerability in a Microsoft product, service, or device? If so, we want to hear from you!
+
+If your vulnerability report affects a product or service that is within scope of one of our bounty programs below, you could receive a bounty award according to the program descriptions.
+
+Visit the [Microsoft Bug Bounty Program site](https://www.microsoft.com/en-us/msrc/bounty?rtc=1) for all the details!
\ No newline at end of file